New MacSync macOS Stealer Uses Signed App to Bypass Apple Gatekeeper
Dec 24, 2025Ravie LakshmananMalware / Endpoint Security Cybersecurity researchers have discovered a new variant of a macOS information stealer called...
have
Best of 2025: LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for CVE-2024-49112
SafeBreach Labs Researchers have developed a zero-click PoC exploit that crashes unpatched Windows Servers using the Windows Lightweight Directory...
19 Billion Passwords Leaked: Essential Tips for Your Protection
19 billion passwords have reportedly been compromised, leading to immediate action recommendations for individuals and organizations. A mega-database with...
A brush with online fraud: What are brushing scams and how do I stay safe?
Have you ever received a package you never ordered? It could be a warning sign that your data has been...
Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites
Cybersecurity researchers have discovered two malicious Google Chrome extensions with the same name and published by the same developer that...
Best API Vulnerability Scanner in 2026
APIs (Application Programming Interfaces) have become the digital backbone of modern enterprises, seamlessly linking mobile applications, cloud platforms, and...
Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens
Cybersecurity researchers have disclosed details of a new malicious package on the npm repository that works as a fully functional...
Android Malware Operations Merge Droppers, SMS Theft, and RAT Capabilities at Scale
Threat actors have been observed leveraging malicious dropper apps masquerading as legitimate applications to deliver an Android SMS stealer dubbed...
Iranian Infy APT Resurfaces with New Malware Activity After Years of Silence
Threat hunters have discerned new activity associated with an Iranian threat actor known as Infy (aka Prince of Persia), nearly...
State-linked and criminal hackers use device code phishing against M365 users
Multiple threat groups have been ramping up attacks using a technique called device code phishing to trick users into granting...
Cracked Software and YouTube Videos Spread CountLoader and GachiLoader Malware
Cybersecurity researchers have disclosed details of a new campaign that has used cracked software distribution sites as a distribution vector...
Nigeria Arrests RaccoonO365 Phishing Developer Linked to Microsoft 365 Attacks
Dec 19, 2025Ravie LakshmananCybercrime / Law Enforcement Authorities in Nigeria have announced the arrest of three "high-profile internet fraud suspects"...
The Case for Dynamic AI-SaaS Security as Copilots Scale
Within the past year, artificial intelligence copilots and agents have quietly permeated the SaaS applications businesses use every day. Tools...
Microsoft December Update Breaks Critical IIS Servers
The security updates delivered through KB5071546 have fundamentally broken Message Queuing (MSMQ) functionality across multiple Windows versions. The post Microsoft...
Why “Strong Passwords” Aren’t Enough Anymore—and What to Do Instead
Imagine a day where you didn’t have to juggle passwords. No more sticky notes. No more notebooks with dozens of...
